The Framework

Tanglin Consultancy uses the CObIT framework is working with its clients to ensure that their Information Technology delivers what the business needs to succeed.

The Control Objectives for Information and related Technology (COBIT) is a set of best practices (framework) for information technology (IT) management created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI) in 1996.

COBIT provides managers, auditors, and IT users with a set of generally accepted measures, indicators, processes and best practices to assist them in maximizing the benefits derived through the use of information technology and developing appropriate IT governance and control in a company.

Cobit Fraemwork

PLAN AND ORGANIZE

The Plan and Organize domain covers the use of information & technology and how best it can be used in a company to help achieve the company’s goals and objectives. It also highlights the organizational and infrastructural form IT is to take in order to achieve the optimal results and to generate the most benefits from the use of IT.

PO1 – Define a Strategic IT Plan and direction
PO2 – Define the Information Architecture
PO3 – Determine Technological Direction
PO4 – Define the IT Processes, Organization andRelationships
PO5 – Manage the IT Investment
PO6 – Communicate Management Aims and Direction
PO7 – Manage IT Human Resources
PO8 – Manage Quality
PO9 – Assess and Manage IT Risks
PO10 – Manage Projects

ACQUIRE AND IMPLEMENT

The Acquire and Implement domain covers identifying IT requirements, acquiring the technology, and implementing it within the company’s current business processes. This domain also addresses the development of a maintenance plan that a company should adopt in order to prolong the life of an IT system and its components. AI1 Identify Automated Solutions AI2 Acquire and Maintain Application Software AI3 Acquire and Maintain Technology Infrastructure AI4 Enable Operation and Use AI5 Procure IT Resources AI6 Manage Changes AI7 Install and Accredit Solutions and Changes

DELIVER AND SUPPORT

The Deliver and Support domain focuses on the delivery aspects of the information technology. It covers areas such as the execution of the applications within the IT system and its results as well as the support processes that enable the effective and efficient execution of these IT systems. These support processes include security issues and training.

MONITOR AND EVALUATE

The Monitor and Evaluate domain deals with a company’s strategy in assessing the needs of the company and whether or not the current system still meets the objectives for which it was designed and the controls necessary to comply with regulatory requirements. Monitoring also covers the issue of an independent assessment of the effectiveness of IT system in its ability to meet business objectives and the company’s control processes by internal and external auditors.